LDAP login for pre-approved accounts

Nextcloud version: 31.0.8

I want to use LDAP to authenticate user logins. However, I want to specify which accounts can login. I also do not want to sync the entire LDAP directory to my Nextcloud instance.

If I create the accounts in Nextcloud with a dummy password, how can I only allow those enabled accounts to authenticate via LDAP and not every user in the LDAP directory?

For example:

• LDAP directory has 100 users (I cannot modify any LDAP directories or groups).
• On Nextcloud, I create two users whose username/email matches those used in LDAP.
• I only want those two users to be able to login via LDAP, and not the other 98 users in the directory. I also don’t want 98 other accounts created inside Nextcloud.

From what I’ve understood, the LDAP filters are for the directory-side only and not filtering against Nextcloud groups.

Thanks.

See the Login attributes tab, as described here in the Admin Manual:

• User authentication with LDAP — Nextcloud latest Administration Manual latest documentation

• User authentication with LDAP — Nextcloud latest Administration Manual latest documentation

@jtr I did look at that documentation but I don’t see anything that mentions filtering on Nextcloud groups/users.

My understanding is that filtering is for LDAP groups not local Nextcloud groups. Else, could you kindly provide an example ?

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.